New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Associate Cloud Engineer Exam - Topic 5 Question 94 Discussion

Actual exam question for Google's Associate Cloud Engineer exam
Question #: 94
Topic #: 5
[All Associate Cloud Engineer Questions]

During a recent audit of your existing Google Cloud resources, you discovered several users with email addresses outside of your Google Workspace domain.

You want to ensure that your resources are only shared with users whose email addresses match your domain. You need to remove any mismatched users, and you want to avoid having to audit your resources to identify mismatched users. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: D

https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints This list constraint defines the set of domains that email addresses added to Essential Contacts can have. By default, email addresses with any domain can be added to Essential Contacts. The allowed/denied list must specify one or more domains of the form @example.com. If this constraint is active and configured with allowed values, only email addresses with a suffix matching one of the entries from the list of allowed domains can be added in Essential Contacts. This constraint has no effect on updating or removing existing contacts. constraints/essentialcontacts.allowedContactDomains


by Sheridan at Sep 16, 2024, 11:58 PM

Limited Time Offer

25%

Off

Get Premium Associate Cloud Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Carol
3 months ago
I heard Cloud Scheduler can be a bit tricky to set up.
upvoted 0 times
...
Cecilia
3 months ago
Option D seems more thorough, though.
upvoted 0 times
...
Erasmo
3 months ago
Wait, can you really set a policy to auto-remove users? Sounds too good to be true.
upvoted 0 times
...
Audria
4 months ago
Definitely agree with that!
upvoted 0 times
...
Dierdre
4 months ago
I think option C is the best choice.
upvoted 0 times
...
Xochitl
4 months ago
I definitely remember that setting an organizational policy is a good way to prevent mismatched users, but I’m uncertain about the specifics of retroactive removal.
upvoted 0 times
...
Bettyann
4 months ago
I feel like using Cloud Scheduler to scan resources is a bit overkill for this situation. It seems like a more manual approach.
upvoted 0 times
...
Chara
4 months ago
I think we practiced a similar question where setting a policy was the best approach, but I can't recall if it was option C or D.
upvoted 0 times
...
Craig
5 months ago
I remember discussing how organizational policies can help enforce domain restrictions, but I'm not sure if they can retroactively remove users.
upvoted 0 times
...
Rashad
5 months ago
The organizational policy constraint seems like the way to go. That way, we can set it and forget it, and not have to worry about constantly monitoring and removing mismatched users.
upvoted 0 times
...
Juan
5 months ago
I'm a bit confused on the difference between the Cloud Scheduler task options. Do they have any significant differences, or are they essentially the same approach?
upvoted 0 times
...
Cletus
5 months ago
I'm leaning towards the organizational policy constraint option. That sounds like the most efficient way to handle this and prevent future issues.
upvoted 0 times
...
Sharika
5 months ago
Okay, let's see. I think the key here is finding a way to automatically remove any mismatched users without having to manually audit everything. That would be a huge time-saver.
upvoted 0 times
...
Danica
5 months ago
Hmm, this seems like a tricky one. I'll need to think carefully about the best approach to ensure our resources are only accessible to the right users.
upvoted 0 times
...
Glenn
5 months ago
This seems like a straightforward question about boiler water condensate corrosion. I'll need to think through the major factors that can contribute to this issue.
upvoted 0 times
...
Becky
1 year ago
Haha, I bet one of those mismatched users is the CEO's nephew or something. Better tread carefully with D)!
upvoted 0 times
Sunshine
1 year ago
Haha, I bet one of those mismatched users is the CEO's nephew or something. Better tread carefully with D)!
upvoted 0 times
...
Marget
1 year ago
C) Set an organizational policy constraint to limit identities by domain to automatically remove mismatched users.
upvoted 0 times
...
Tonette
1 year ago
A) Create a Cloud Scheduler task to regularly scan your projects and delete mismatched users.
upvoted 0 times
...
...
Mireya
1 year ago
This is a classic case of 'work smarter, not harder.' C) is the winner here - set it and forget it!
upvoted 0 times
Francoise
1 year ago
Agreed, setting it and forgetting it is the way to go.
upvoted 0 times
...
Chauncey
1 year ago
Definitely! It will save us a lot of time and effort.
upvoted 0 times
...
Gail
1 year ago
That sounds like a great solution!
upvoted 0 times
...
Gregoria
1 year ago
C) Set an organizational policy constraint to limit identities by domain to automatically remove mismatched users.
upvoted 0 times
...
...
Colton
1 year ago
I'm not sure about option D. It seems like a lot of work to retroactively remove mismatched users. I think option C is the way to go.
upvoted 0 times
...
Felicidad
1 year ago
B) sounds like the best choice. Regularly scanning the resources and removing the bad users is the most thorough approach, even if it takes a bit more effort.
upvoted 0 times
...
Dorothy
1 year ago
D) is the way to go. Gotta make sure we get rid of those pesky mismatched users, but the retroactive part is key to clean things up properly.
upvoted 0 times
Margret
1 year ago
Agreed, D) is the best option to clean up the existing mismatched users and prevent future ones.
upvoted 0 times
...
Myrtie
1 year ago
D) Set an organizational policy constraint to limit identities by domain, and then retroactively remove the existing mismatched users.
upvoted 0 times
...
Malcolm
1 year ago
C) Set an organizational policy constraint to limit identities by domain to automatically remove mismatched users.
upvoted 0 times
...
...
Hassie
1 year ago
I agree with Lashawn. Setting an organizational policy constraint seems like the most efficient way to handle this issue.
upvoted 0 times
...
Corazon
1 year ago
C) seems like the most straightforward option to me. Why waste time scanning and deleting users manually when we can just set a policy to automatically handle it?
upvoted 0 times
Toshia
1 year ago
Let's set the policy and remove those mismatched users automatically.
upvoted 0 times
...
Nadine
1 year ago
I think we should go ahead and implement that option to ensure our resources are secure.
upvoted 0 times
...
Chaya
1 year ago
It would definitely save us time and effort in the long run.
upvoted 0 times
...
Sommer
1 year ago
I agree, setting an organizational policy constraint sounds like the most efficient solution.
upvoted 0 times
...
...
Lashawn
1 year ago
I think option C sounds like the best solution. It would automatically remove mismatched users based on domain.
upvoted 0 times
...

Save Cancel